摘要
指令表随机化(ISR)技术是一种新型的保护系统免遭任何类型注入码攻击的通用方法。对系统指令表经过特殊的随机化处理,就可以在该系统上运行具有潜在漏洞的软件。攻击者如果不知道随机化算法的密钥,那么他注入的代码对于随机化后的处理器就是非法的,并且会导致运行异常。ISR技术可以用作一个低耗费的保护机制,也能够很方便地用来补充其他机制。
ISR (Instruction Set Randomization) is a new, general approach for safeguarding systems against any type of code-injection attack. Potentially vulnerable software can be executed on the system that has process-specific randomized instruction sets. An attacker who does not know the key to the randomization algorithm will inject code that is invalid for that randomized processor, causing a runtime exception. ISR can serve as a low-overhead protection mechanism, and can easily complement other mechanisms.
出处
《微电子学与计算机》
CSCD
北大核心
2007年第6期123-125,129,共4页
Microelectronics & Computer
关键词
注入码
仿真器
缓冲区溢出
code-injection
emulator
, buffer overflow
